Hackers Steal 4M+ TransUnion Customers’ Data – Dark Reading
The credit reporting agency said the breach was “limited to specific data elements” and didn’t include credit reports or core credit information. – Read More
How Gainesville Regional Utilities is locking down vendor risk – CSO Online
Gainesville Regional Utilities (GRU) isn’t just a utilities provider—it’s the communications backbone for the community. In addition to delivering electricity and water, GRU operates fiber-optic networks and uses smart grid…
2025 CSO Hall of Fame: George Finney on decryption risks, AI, and the CISO’s growing clout – CSO Online
With more than 20 years of experience at startups, nonprofits, and large universities, George Finney has built a reputation for seeing both the big picture and the detailed improvements needed…
Akira, Cl0p Top List of 5 Most Active Ransomware-as-a-Service Groups – Dark Reading
Flashpoint published its 2025 midyear ransomware report that highlighted the top five most prolific groups currently in operation. – Read More
1,000+ Devs Lose Their Secrets to an AI-Powered Stealer – Dark Reading
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours. – Read More
Dark Reading Confidential: A Guided Tour of Today’s Dark Web – Dark Reading
Dark Reading Confidential Episode 9: Join us for a look around today’s Dark Web, and find out how law enforcement, AI, nation-state activities, and more are reshaping the way cybercriminals…
Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited…
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names – The Hacker News
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said…
Wave of npm supply chain attacks exposes thousands of enterprise developer credentials – CSO Online
Attacks on the NX build system and React packages highlight escalating threats to enterprise software development pipelines. – Read More
CISA’s New SBOM Guidelines Get Mixed Reviews – Dark Reading
Updated SBOM rules from CISA are a solid step toward making them more useful for cyber defenders but don’t address many critical needs, experts say. – Read More
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide – The Hacker News
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military…
Addleshaws freezes NQ pay at £100k to tackle salary bunching – Legal Cheek
Bigger bonus pool too Addleshaw Goddard has opted to hold newly qualified (NQ) lawyer salaries at £100,000 this year, diverting extra funds into a £19 million bonus pool and boosting…
Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec – The Hacker News
Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the…
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them – The Hacker News
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent…
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials – The Hacker News
The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary…